www.americanexpress.com
Open in
urlscan Pro
104.109.79.176
Public Scan
Effective URL: https://www.americanexpress.com/us/content/fraud-protection-center/types-of-fraud.html?vgnextchannel=9ee6d6954360c110VgnVCM10000...
Submission: On January 25 via manual from US
Summary
TLS certificate: Issued by GeoTrust SSL CA - G3 on June 20th 2017. Valid for: a year.
This is the only time www.americanexpress.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 67.134.222.254 67.134.222.254 | 209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST - Qwest Communications Company) | |
1 1 | 104.125.38.118 104.125.38.118 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
2 37 | 104.109.79.176 104.109.79.176 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
8 | 52.3.149.37 52.3.149.37 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 1 | 178.79.245.69 178.79.245.69 | 22822 (LLNW) (LLNW - Limelight Networks) | |
1 | 178.79.227.0 178.79.227.0 | 22822 (LLNW) (LLNW - Limelight Networks) | |
3 | 104.109.73.124 104.109.73.124 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 3 | 54.154.158.135 54.154.158.135 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 185.34.188.178 185.34.188.178 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
1 | 54.156.162.53 54.156.162.53 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 52.22.165.3 52.22.165.3 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 198.160.127.57 198.160.127.57 | 15026 (ACXIOM) (ACXIOM - Acxiom Corporation) | |
2 4 | 172.217.22.102 172.217.22.102 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 148.173.101.84 148.173.101.84 | 6307 (AMERICAN-...) (AMERICAN-EXPRESS - American Express Company) | |
1 1 | 172.217.16.194 172.217.16.194 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 172.217.21.228 172.217.21.228 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.21.227 172.217.21.227 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
59 | 12 |
ASN209 (CENTURYLINK-US-LEGACY-QWEST - Qwest Communications Company, LLC, US)
email.amexnetwork.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-125-38-118.deploy.static.akamaitechnologies.com
americanexpress.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-176.deploy.static.akamaitechnologies.com
www.americanexpress.com | |
www.aexp-static.com | |
web.aexp-static.com | |
icm.aexp-static.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-149-37.compute-1.amazonaws.com
nexus.ensighten.com |
ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: vps-011.fra.llnw.net
assets.delvenetworks.com |
ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-0.vie.llnw.net
s.delvenetworks.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-73-124.deploy.static.akamaitechnologies.com
service.maxymiser.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-158-135.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: americanexpress.com.ssl.d2.sc.omtrdc.net
omns.americanexpress.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-156-162-53.compute-1.amazonaws.com
l.betrad.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-165-3.compute-1.amazonaws.com
nexus.ensighten.com |
ASN15026 (ACXIOM - Acxiom Corporation, US)
aeopprodvip.acxiom.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net
ad.doubleclick.net |
ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
PTR: gct-VIP.americanexpress.com
gct.americanexpress.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f228.1e100.net
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f3.1e100.net
www.google.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
aexp-static.com
www.aexp-static.com web.aexp-static.com icm.aexp-static.com |
408 KB |
10 |
ensighten.com
nexus.ensighten.com |
58 KB |
7 |
americanexpress.com
3 redirects
americanexpress.com www.americanexpress.com omns.americanexpress.com gct.americanexpress.com |
57 KB |
5 |
doubleclick.net
3 redirects
ad.doubleclick.net googleads.g.doubleclick.net |
2 KB |
3 |
demdex.net
1 redirects
dpm.demdex.net |
5 KB |
3 |
maxymiser.net
service.maxymiser.net |
33 KB |
2 |
delvenetworks.com
1 redirects
assets.delvenetworks.com s.delvenetworks.com |
19 KB |
1 |
google.de
www.google.de |
356 B |
1 |
google.com
1 redirects
www.google.com |
256 B |
1 |
acxiom.com
aeopprodvip.acxiom.com |
422 B |
1 |
betrad.com
l.betrad.com |
120 B |
1 |
amexnetwork.com
1 redirects
email.amexnetwork.com |
553 B |
59 | 12 |
Domain | Requested by | |
---|---|---|
23 | www.aexp-static.com |
www.americanexpress.com
nexus.ensighten.com www.aexp-static.com |
10 | nexus.ensighten.com |
www.americanexpress.com
nexus.ensighten.com www.aexp-static.com |
10 | web.aexp-static.com |
www.americanexpress.com
|
4 | ad.doubleclick.net |
2 redirects
www.americanexpress.com
|
3 | dpm.demdex.net |
1 redirects
www.americanexpress.com
www.aexp-static.com |
3 | service.maxymiser.net |
nexus.ensighten.com
service.maxymiser.net |
3 | www.americanexpress.com | 2 redirects |
2 | omns.americanexpress.com |
www.aexp-static.com
www.americanexpress.com |
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | googleads.g.doubleclick.net | 1 redirects |
1 | gct.americanexpress.com |
www.americanexpress.com
|
1 | aeopprodvip.acxiom.com |
icm.aexp-static.com
|
1 | icm.aexp-static.com |
nexus.ensighten.com
|
1 | l.betrad.com |
www.americanexpress.com
|
1 | s.delvenetworks.com |
www.americanexpress.com
|
1 | assets.delvenetworks.com | 1 redirects |
1 | americanexpress.com | 1 redirects |
1 | email.amexnetwork.com | 1 redirects |
59 | 19 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
americanexpress.com GeoTrust SSL CA - G3 |
2017-06-20 - 2018-09-19 |
a year | crt.sh |
omns.americanexpress.com Verizon Public SureServer EV SSL CA G14-SHA2 |
2016-02-19 - 2018-04-16 |
2 years | crt.sh |
gct.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2016-08-01 - 2018-08-06 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.americanexpress.com/us/content/fraud-protection-center/types-of-fraud.html?vgnextchannel=9ee6d6954360c110VgnVCM100000defaad94RCRD&appinstancename=default&vanity=phishing
Frame ID: (22F8A8ACC3AB7AF4D730741C47F26DBB)
Requests: 59 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://email.amexnetwork.com/a/hBaScBQB74HuoB82AIJNtTzXP.B74Huoms/amex1
HTTP 307
http://americanexpress.com/phishing HTTP 301
https://www.americanexpress.com/phishing HTTP 301
http://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html?vgnextchannel=9ee6d69... HTTP 307
https://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html?vgnextchannel=9ee6d69... HTTP 301
https://www.americanexpress.com/us/content/fraud-protection-center/types-of-fraud.html?vgnextchannel=9ee6d69... Page URL
Detected technologies
ClickTale (Analytics) ExpandDetected patterns
- env /^ClickTale/i
SWFObject (Miscellaneous) Expand
Detected patterns
- env /^SWFObject$/i
SiteCatalyst (Analytics) Expand
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
60 Outgoing links
These are links going to different origins than the main page.
Title: Account Home
Search URL Search Domain Scan URL
Title: Statements & Activity
Search URL Search Domain Scan URL
Title: Account Services
Search URL Search Domain Scan URL
Title: Card Benefits
Search URL Search Domain Scan URL
Title: OPEN Small Business
Search URL Search Domain Scan URL
Title: Merchant Home
Search URL Search Domain Scan URL
Title: American Express @ Work
Search URL Search Domain Scan URL
Title: Savings Accounts and CDs
Search URL Search Domain Scan URL
Title: Membership Rewards® Point Summary
Search URL Search Domain Scan URL
Title: Membership Rewards® Point Summary
Search URL Search Domain Scan URL
Title: CreditSecure
Search URL Search Domain Scan URL
Title: Bluebird Alternative to Banking
Search URL Search Domain Scan URL
Title: Charge & Credit Card Offers
Search URL Search Domain Scan URL
Title: Corporate Cards
Search URL Search Domain Scan URL
Title: Compare Corporate Cards
Search URL Search Domain Scan URL
Title: Find a Custom Corporate Solution
Search URL Search Domain Scan URL
Title: Book A Trip
Search URL Search Domain Scan URL
Title: Book Hotels
Search URL Search Domain Scan URL
Title: Book Flights, Cars, Cruises, Vacations
Search URL Search Domain Scan URL
Title: Fine Hotels & Resorts
Search URL Search Domain Scan URL
Title: Benefits of a Travel Specialist
Search URL Search Domain Scan URL
Title: Find a Destination Expert
Search URL Search Domain Scan URL
Title: Corporate Travel Solutions
Search URL Search Domain Scan URL
Title: Travel Insurance
Search URL Search Domain Scan URL
Title: Find a Travel Service Office
Search URL Search Domain Scan URL
Title: Membership Rewards® Home
Search URL Search Domain Scan URL
Title: Membership Rewards® Home
Search URL Search Domain Scan URL
Title: Use Points
Search URL Search Domain Scan URL
Title: Point Summary
Search URL Search Domain Scan URL
Title: Explore Your Cards Rewards Program
Search URL Search Domain Scan URL
Title: Entertainment and Events
Search URL Search Domain Scan URL
Title: Entertainment and Events
Search URL Search Domain Scan URL
Title: Order Employee Cards
Search URL Search Domain Scan URL
Title: Corporate Cards
Search URL Search Domain Scan URL
Title: Supplier Payment Solutions
Search URL Search Domain Scan URL
Title: Meetings and Events
Search URL Search Domain Scan URL
Title: Merchant Home
Search URL Search Domain Scan URL
Title: Find Payment Solutions
Search URL Search Domain Scan URL
Title: Get a Merchant Account
Search URL Search Domain Scan URL
Title: Get Financing for Your Business
Search URL Search Domain Scan URL
Title: Issuers and Acquirers
Search URL Search Domain Scan URL
Title: Providers and Developers
Search URL Search Domain Scan URL
Title: Log In
Search URL Search Domain Scan URL
Title: Site FAQ
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: About American Express
Search URL Search Domain Scan URL
Title: Investor Relations
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Corporate Cards
Search URL Search Domain Scan URL
Title: Savings Accounts and CDs
Search URL Search Domain Scan URL
Title: Membership Rewards®
Search URL Search Domain Scan URL
Title: CreditSecure®
Search URL Search Domain Scan URL
Title: Bluebird®
Search URL Search Domain Scan URL
Title: Accept Amex Cards
Search URL Search Domain Scan URL
Title: AdChoices
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.amexnetwork.com/a/hBaScBQB74HuoB82AIJNtTzXP.B74Huoms/amex1
HTTP 307
http://americanexpress.com/phishing HTTP 301
https://www.americanexpress.com/phishing HTTP 301
http://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html?vgnextchannel=9ee6d6954360c110VgnVCM100000defaad94RCRD&appinstancename=default&vanity=phishing HTTP 307
https://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html?vgnextchannel=9ee6d6954360c110VgnVCM100000defaad94RCRD&appinstancename=default&vanity=phishing HTTP 301
https://www.americanexpress.com/us/content/fraud-protection-center/types-of-fraud.html?vgnextchannel=9ee6d6954360c110VgnVCM100000defaad94RCRD&appinstancename=default&vanity=phishing Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://assets.delvenetworks.com/player/embed.js HTTP 302
- https://s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/embed.js
- https://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
- https://ad.doubleclick.net/activity;src=3837602;type=brand048;cat=types922;ord=193348.44972617817 HTTP 302
- https://ad.doubleclick.net/activity;dc_pre=CKCmx_-i8tgCFRQX4Aod8vwIYA;src=3837602;type=brand048;cat=types922;ord=193348.44972617817
- https://ad.doubleclick.net/activity;src=189445;type=entp14;cat=fraud984;ord=1;num=934009.2228226564 HTTP 302
- https://ad.doubleclick.net/activity;dc_pre=CJSqx_-i8tgCFc4m4Aod_V8BeA;src=189445;type=entp14;cat=fraud984;ord=1;num=934009.2228226564
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977472328/?value=1.00¤cy_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null HTTP 302
- https://www.google.com/ads/user-lists/977472328/?value=1.00¤cy_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&cdct=2&is_vtc=1&random=604732533 HTTP 302
- https://www.google.de/ads/user-lists/977472328/?value=1.00¤cy_code=USD&label=vu7GCKqepm4QyJaM0gM&guid=ON&script=0&data=SBO=null&cdct=2&is_vtc=1&random=604732533&ipr=y&ulfeg=n
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
types-of-fraud.html
www.americanexpress.com/us/content/fraud-protection-center/ Redirect Chain
|
54 KB 54 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
shareamex.js
www.aexp-static.com/api/axpi/shareamex/2.0/js/ |
48 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
styles.css
web.aexp-static.com/us/content/sharedcss/FlexibleTemplates/Common/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
servicesDetail.css
web.aexp-static.com/us/content/sharedcss/FlexibleTemplates/ServicesDetail/ |
35 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
rwd.css
web.aexp-static.com/us/content/sharedcss/FlexibleTemplates/Common/ |
3 KB 745 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
servicesDetail_rwd.css
web.aexp-static.com/us/content/sharedcss/FlexibleTemplates/ServicesDetail/ |
38 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/amex/amexhead/ |
77 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
inav_responsive.css
www.aexp-static.com/nav/ngn/css/ |
83 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
clear.gif
www.aexp-static.com/nav/ngn/img/ |
43 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
logo_bluebox_1x.gif
www.aexp-static.com/nav/ngn/img/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
jquery.js
web.aexp-static.com/us/content/sharedjs/FlexibleTemplates/Common/ |
93 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
jquery-ui.js
web.aexp-static.com/us/content/sharedjs/FlexibleTemplates/Common/ |
199 KB 51 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
script.js
web.aexp-static.com/us/content/sharedjs/FlexibleTemplates/Common/ |
24 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.js
s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/ Redirect Chain
|
18 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
swfobject.js
web.aexp-static.com/us/content/sharedjs/FlexibleTemplates/LimeLightVideo/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
amexLLVideoMultiple.js
web.aexp-static.com/us/content/sharedjs/FlexibleTemplates/LimeLightVideo/ |
2 KB 836 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmcore.js
service.maxymiser.net/cdn/americanexpress/js/ |
17 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
visitorAPI-NonAAM.js
www.aexp-static.com/api/axpi/omniture/ |
16 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/amex/amexhead/ |
164 B 443 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
service.maxymiser.net/cg/v5us/ |
23 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmpackage-1.13.js
service.maxymiser.net/platform/us/api/ |
60 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/ |
23 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/ |
143 B 315 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
commonFunctionsResponsive.js
www.aexp-static.com/nav/ngn/js/ |
58 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bg_pattern.gif
web.aexp-static.com/us/content/images/FlexibleTemplates/ |
13 KB 13 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iNav_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iNav_sprite_footer1.gif
www.aexp-static.com/nav/ngn/img/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
36 KB 37 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
37 KB 37 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/amex/ |
62 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iOAjquery1.6.3.min.js
www.aexp-static.com/api/axpi/ioa/js/ |
90 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
VIDServiceDomestic.js
www.aexp-static.com/api/axpi/GCT/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
id
omns.americanexpress.com/ |
155 B 598 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/amex/ |
1 KB 732 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pes_basic.js
www.aexp-static.com/api/axpi/pzn/js/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
p.gif
l.betrad.com/pub/ |
0 120 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ffd209fedcd99c4844cce2e0a7183bfe.js
nexus.ensighten.com/amex/prod/code/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c4e745c1ac1d3c0b8d398c157a8757a9.js
nexus.ensighten.com/amex/prod/code/ |
1 KB 856 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
82c5c7f70e5f65f093d22d74a7906f73.js
nexus.ensighten.com/amex/prod/code/ |
26 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
deb097202702633f43e93b6a2986a92c.js
nexus.ensighten.com/amex/prod/code/ |
73 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9dd90475de742efe939469acf2d71c34.js
nexus.ensighten.com/amex/prod/code/ |
340 B 633 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d67bdedd8803d17469f6cfc68f261a57.js
nexus.ensighten.com/amex/prod/code/ |
346 B 639 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ClickStreamVars.js
icm.aexp-static.com/Internet/US/DARE/ |
20 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clickStream
aeopprodvip.acxiom.com/services/ |
0 422 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
aaLauncher.css
www.aexp-static.com/api/axpi/ioa/launcher/ |
143 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
aaLauncher.js
www.aexp-static.com/api/axpi/ioa/launcher/ |
72 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
activity;dc_pre=CKCmx_-i8tgCFRQX4Aod8vwIYA;src=3837602;type=brand048;cat=types922;ord=193348.44972617817
ad.doubleclick.net/ Redirect Chain
|
42 B 318 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
activity;dc_pre=CJSqx_-i8tgCFc4m4Aod_V8BeA;src=189445;type=entp14;cat=fraud984;ord=1;num=934009.2228226564
ad.doubleclick.net/ Redirect Chain
|
42 B 306 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
spr-online-assist2-gif-smcompressed.png
www.aexp-static.com/api/axpi/ioa/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
img-search-big-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/ |
252 B 423 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
img-search-sm-rptr.gif
www.aexp-static.com/api/axpi/ioa/img/ |
204 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
s_code_mobile.js
www.aexp-static.com/api/axpi/omniture/ |
83 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pzncs.min.js
www.aexp-static.com/api/axpi/pzn/js/cs/v1.0.6/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gct_us.js
www.aexp-static.com/api/axpi/GCT/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s96674838019313
omns.americanexpress.com/b/ss/amexpressprod/1/JS-2.1.0/ |
43 B 527 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
captureevents.do
gct.americanexpress.com/gct/ |
0 829 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
/
www.google.de/ads/user-lists/977472328/ Redirect Chain
|
42 B 356 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
282 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| ShareAmexEnv object| ShareAmex object| $itag object| ensBootstraps object| amexhead object| mmLocalAttr object| mmRequestCallbacks object| mmsystem undefined| mmInitCallback object| mmcore function| Visitor object| s_c_il number| s_c_in object| visitor object| NAV string| j object| iNavConfig string| s_TopNav object| jsObj undefined| UrlConnect_newObject number| sugg_n object| iNavNGI function| initOmnDefault string| curDomain function| omn_rmaction function| omn_rmvar function| omn_bpoclick function| omn_bpoimpression function| ctn_rmaction function| ctn_rmvar function| omn_mer_rmaction function| omn_mer_rmleadstart function| omn_mer_rmshare function| omn_mer_rmvidstart function| omn_mer_rmvidcomplete function| omn_mer_trackdownload function| omn_mer_rmvar function| omn_mer_tracklogin function| omn_relatedprodclick function| searchWidgetAction function| searchWidgetError function| searchWidgetFAQAction function| searchWidgetHyperlinkClick function| searchWidgetSearch function| omn_rmdiscuss function| omn_rmfollowcomplete function| omn_rmfollowstart function| omn_rmlogin function| omn_rmprofile function| omn_rmregcomplete function| omn_rmregstart function| omn_rmaddpaybill function| omn_rmaddsscard function| omn_rmeStatement function| t function| tl function| $ function| jQuery function| DP_jQuery_1516854403443 string| videoURL object| iCMVideoVars number| vidcnt function| playVideo function| closeVideo function| createDiv function| loadScript function| setupNav function| selectChange function| setTable function| setHeight function| omnitureTracking function| resetFootnote object| LimelightPlayerUtil object| swfobject function| FROM_FLASH_Log function| FROM_FLASH_GetCurrentShareLink function| GetShareLink function| SetMedia function| GetVideoPlayer function| $iOA function| $iN object| vid_provider string| dformat object| Bootstrapper function| initGCT object| qsArray string| k object| o function| silentErrorHandler boolean| initialized object| PZN_PES function| json_parse string| psj0 string| psj1 string| psj2 string| psj3 string| psj4 string| psj5 object| iNLoginUrl string| itm_newDigitalPageName string| itm_oldDigitalPageName function| ClickStreamVars number| initial_index number| len string| oyp_data object| omn function| loadNGAMUTracking boolean| isPagebdaasSupported boolean| loadlecode boolean| slFlag boolean| iscorppage object| IOA string| iOAIconHolder string| first string| second string| third string| iOAsearchBar string| ioaNewiNavSrchBtn string| ioaNewiNavHelpBtn string| ioaNewiNavSearch string| summerNavHTML object| chatEligibleApps string| targetScore undefined| xhr object| overLayMaster object| faqMaster object| qLinksMaster object| parentImg object| SERVER_URL object| HOME_PAGE_SERVER_URL boolean| isTestPage boolean| searchBarHasFocus boolean| onlineTabLoaded string| AAVer number| result_n boolean| frominPageFaqLink object| IOASSIST function| loadIOA function| paintIOAToolBar function| getiNavVersion function| hasClassAA function| paintOldToolBar function| paintHybridToolBar function| appendChildNodes function| controlIconDisplay function| isFAQIconPresent function| hideFAQIcon function| hideHybridFAQIcon function| paintNewToolBar function| paintSearchButton function| paintQuestionMarkButton function| searchButtonClicked function| addSearchImg function| isSearchBarOpened function| closeSearchBar function| addAnimation function| focusSrchInput function| openSearchBar function| sbCloseButtonClicked function| sbClearButtonClicked function| ioascroll function| hidePlaceHolder function| showPlaceHolderAA function| loadInlineChat function| wasInlineScriptLoaded function| isChatEligibleApp function| chatCookieExists function| downLoadCSS function| downLoadInlineJS function| loadCoBrowseScript function| isCoBrowseStarted function| wasCoBrowseLoaded function| adjustOverLayMasterZIndex function| openAA function| removeFromBody function| getItFromAAServer function| setCSSProperties function| getActualHeight function| getActualWidth function| wasAAScriptAdded function| downLoadAAScripts function| downLoadAAJS function| getQLinks function| predictiveAccs function| getRowCount function| isSearchBarClosed function| goToSeachPage function| wasQLinkScriptAdded function| downloadQSearchScripts function| downLoadQLinksJS function| getENV function| getFromHiddenVar function| getHomePageServerURL function| getServerURL function| createCORSRequest function| showIOAToolTip function| hideIOAToolTip function| checkOnline function| shownavTooltip function| hidenavTooltips function| findPos function| setSmartRespClasses function| closePredLayer function| hideNewiOAPSDiv function| clickSearchIcon function| getQueryParamValueByName function| setCookie function| getCookie_AA function| delCookie function| iOAcheckPhoneDesk function| isAAMobile function| adjustaaLoader function| hideHelpPopUp function| showHelpPopUp function| toggleHelpPopup function| openSearchBox function| closeSearchBox function| summerNavInputBlur function| foucsPHInput function| newiNavPredLayerTouchHandler function| addNewiNavPredLayerTouchHandler function| addAAScrollerFunc function| hideSummerNavPlaceHolder undefined| guid undefined| tgtCookie function| openCobrowseOnline function| iTagRuleCheckTimer string| s_scodesuffix string| s_devprod function| s_getmcmid object| s_rmvars string| s_rmact number| s_rmi number| omn_temp function| s_rmobj function| omn_rmvidstart function| omn_rmvidcomplete function| omn_rmsocialaction function| omn_rmshare function| omn_rmsiteerror function| omn_rmphonedial function| s_csi function| omn_rmassistaction function| omn_rmsearch function| omn_rmsearchclick function| omn_rmaddtocompare function| omn_counteroffered function| omn_crossselloffered function| omn_abtesttracker function| omn_clearfa function| s_doPlugins function| s_cleanQS function| c_rspers function| c_r function| c_w function| AppMeasurement_Module_Integrate function| clickTaleGetUID_PID string| standardDimensions string| customDimensions1 string| customDimensions2 string| customDimensions3 string| customDimensions4 function| AppMeasurement function| s_gi function| s_pgicq object| s number| s_objectID number| s_giq string| s_tnt string| uc string| pv string| visit_num_val object| scgct object| s_i_amexpressprod object| ClickStreamService object| jsonData object| icats_obj_us object| queryParams string| refType undefined| queryParam boolean| isAfflPersist boolean| isSearchPersist12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.americanexpress.com/ | Name: s_sess Value: %20tp%3D1366%3B%20s_dedupeCM%3Dvanity%253DphishingUS%253ALegacy%2520Non-Searchn%252Fan%252Fan%252Fa%3B%20s_cpc%3D1%3B%20s_cc%3Dtrue%3B%20s_ppv%3DUS%25257CAMEX%25257CEnterprise%25257CAbout%25257CSecurityCenter%25257CFraudTypes%252C88%252C88%252C1200%3B |
|
.americanexpress.com/ | Name: TS0199faae Value: 018378d52a810428f118d53dcffeb954df7668bfbdb6fb9882f90def33c1fcabd81960d9b09541af522cd3b467e7185aff2786d318 |
|
.americanexpress.com/ | Name: s_pers Value: %20s_visit%3D1%7C1516856204334%3B%20gpv_v41%3DUS%257CAMEX%257CEnterprise%257CAbout%257CSecurityCenter%257CFraudTypes%7C1516856204338%3B%20s_campStack%3D%255B%255B%2527vanity%25253Dphishing%2527%252C%25271516854404341%2527%255D%255D%7C1674620804341%3B%20s_uvid%3D1516854404345312%7C1674534404345%3B%20s_vnum%3D1%7C1674534404345%3B%20s_invisit%3Dtrue%7C1516856204345%3B |
|
.americanexpress.com/ | Name: gctracus Value: gctvid=2018-01-25/04:26:43-2f91fadf-4c28-27da-d4db-bc11068d9b75&eep=null&lan=1 |
|
.americanexpress.com/ | Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 793872103%7CMCMID%7C42911802574043882653803403677610570756%7CMCAAMLH-1517459203%7C6%7CMCAAMB-1517459203%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCAID%7C2D34AE4185311B16-40000108E00098F9 |
|
.americanexpress.com/ | Name: s_vi Value: [CS]v1|2D34AE4185311B16-40000108E00098F9[CE] |
|
.americanexpress.com/ | Name: mm_pc Value: %7B%22affluentIndex%22%3A%22%22%7D |
|
.americanexpress.com/ | Name: mmapi.p.pd Value: %22283052603%7CAQAAAApVAgDubic8yg8AAREAAUK45ClFAQDOV4nWq2PVSM5XidarY9VIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QByg8BAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAAAAAAAAAFF%22 |
|
.americanexpress.com/ | Name: mmapi.p.uat Value: %7B%22GenerationPage%22%3A%22%2Fus%2Fcontent%2Ffraud-protection-center%2Ftypes-of-fraud.html%22%7D |
|
.americanexpress.com/ | Name: mmapi.p.srv Value: %22fravwcgus01%22 |
|
www.americanexpress.com/ | Name: TS011f2bff Value: 018378d52a5f065731f67830a31ac6acc32a54db3ae874a7da77270fa8dafd6b363eb8b1281f6d48eaf055f96bcfcc5e7bb9e38c2e |
|
www.americanexpress.com/ | Name: BIGipServerorigin2.www.americanexpress-1090 Value: 2064452106.16900.0000 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
aeopprodvip.acxiom.com
americanexpress.com
assets.delvenetworks.com
dpm.demdex.net
email.amexnetwork.com
gct.americanexpress.com
googleads.g.doubleclick.net
icm.aexp-static.com
l.betrad.com
nexus.ensighten.com
omns.americanexpress.com
s.delvenetworks.com
service.maxymiser.net
web.aexp-static.com
www.aexp-static.com
www.americanexpress.com
www.google.com
www.google.de
104.109.73.124
104.109.79.176
104.125.38.118
148.173.101.84
172.217.16.194
172.217.21.227
172.217.21.228
172.217.22.102
178.79.227.0
178.79.245.69
185.34.188.178
198.160.127.57
52.22.165.3
52.3.149.37
54.154.158.135
54.156.162.53
67.134.222.254
0599c46fe041b42c8962023c373636941ba931250be995cbb91d1bb493a32234
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
1643d71e8bc63c3ba1cbf35a1ebe239e11e895951780b63c845dba751844dc3d
183346f0a0af6252f7e760e6e75a59687ee3ef522fe787015c2ae37c13faa806
184909cc9dbde7b3f13e84b131b9589c1bae4b28ce0d6551dbd33aec34972475
1bd4bae68103ace527841f2750c5ea853e6d678c7c17582523f613bad9ae75b5
2307aa674193a6b9bc7da636f21629333a929b2a19b6f260db9dd14005d8145b
2721848dfc787df4b37a9365d0a9c77e9966c7e7465e0b178a887f2928eb2dff
32f1a89244b10bff4f8a6fc8e5db58ea64e7c8bf075fae46091d9c4807b8d967
333b398104da3cd21f850266fa1c8f66c455229c2195935db6e39dd6ed98039d
3701d4d1d42fac8762696d68ef1808676aa2d9700c18fe2415dbedc312b0de0e
3845a01eb2d9d61561333aab7b4e7fcabb61e76ba02b72fac42306623096dbe5
3ed772fb8bc11079c9ffbdcd666844c3788bc438b7951fe9fe7e12e31fdfeb5c
4198142f9a77fe35db67a1e8c0ac383661dfd7475733918baf304ebf7425ae1a
42df652e6d43cbc4a5625ce51ef1c04182111a13fdca52078d4033d28020d5bb
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
494a08ffdc171d9ff8a66dd64f28f37c4597ae73c03ece604bd1a325baef9a30
50b41fdfdc999bd686cd59eb53d3f87ebd67370c73ca36e7789b206218da50ba
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
5904a93263f351bb4889c06b5c810f0aecaac51f41e62f8fb508fd31751a954c
6056d255e00b5ee3be96e2740a1912768141c0e4270aa517047dff34e06a15dc
62a0ceaaa490ceceeff12c2d7a98fc2c44559638807f6fdab4a72f4c21f28632
6adc3ad1f545424f39187573000bdf0bd130e0147c3ab389f831189dba31ba8c
76dc214b3b6594f61eb4fe877dbec2e374d77e980703ea4a561ec3d09565f524
7e1af6a213138550bb93a220457d9856fdffd609b46a7cb54f0908c46462297c
86292da0629850c506a9a958a8e68f8daaa0f5f94e75c7272d3ae3f50a0a6518
87eb8e32748e5434dc20acd7a2ad200967dda194da0947b8d456de48fda3650b
8ead4abcb50c4528ccce5b87613714afc0f2fc1102f58ea1bbce48cbc3d4f6ca
985c9c4d5f4dd4fca6f0911875e6209fbfc04b8342715efb4d8a405088fdf60b
9c0623343af058282689444bd5badfcbc2102cd43dba57dfafbfaf46119d1560
a070b877320d1cc41b6187141008e80ea5f99ba6bdecb033a2f95caaaa53c249
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a233b74cd13233cbbe3aa8d630cf4fb79a8899cea56b6b85ab1465c781297fb7
a8bb864aab51b8bf1367416dab57965671b71c78dd77d5656bfa07bff7040fd9
ad7a1acb9f8b763ff3c32f14a8ab80887dc109b81cf9cccef21cb02406bbb5fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3be0c1dca2d9a00d8da591e1c209fced4d3ee588efb495eed4191aa2558e658
b6c2ef0dc62dab808ea0af4f9f84d2fe97630c1b91b1df5045f8bcc138310b56
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
ba6f2a42640e1e7c820d6da37becee23290a59e6b1d18f065d31c22983e6cba1
bb14cc55cff68a05b7917aef2797e92922d414b45b2babb25f3cd37fa0c02836
c5728ebd8f225043ec8b85f79c9964f133136f91b9bb260eb69437ce9af4573a
cb95856797df377606cda98e5b86106bfe0bf95a6e17a60c98d21b8e0a165c68
cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d
d353e2522abe2215640dcc566a62494042a669406555093ac5b072f3d77c9737
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
d58182cfb9e44056afff1afa3369a7647179a28166af61662651d3266e85aadd
d85203f03a51463d4e99b7e263ebd98d9b084f4dbb3ac0ed1afe81ad044ba3a6
d9bd2a36852c744e6a4882ee22d7985bb307626d0fb513ee87577be527c7f102
e0aecb307db9ad7d67786733d74d4a022a14a0be55d05126c21e65165e6cb359
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f442e845dc93caa747f3051467f5322190f06953d623dd5b0ff968a591af8d8f
f7a5cf04651af2b64e90a195ca9f742c0b8c25f0b82d62ac61076bb75937234e